[ltb-dev] [LDAP Tool Box - Bug #863] Password Token Expiring
noreply at lsc-project.org
noreply at lsc-project.org
Mon May 23 17:17:28 CEST 2016
Issue #863 has been updated by Clément OUDOT.
Well this is weird.
You can try to disable the session garbage collector tuning in the code by commenting following lines in pages/resetbytokens.php:
<pre>
# Manage lifetime with sessions properties
//if (isset($token_lifetime)) {
// ini_set("session.gc_maxlifetime", $token_lifetime);
// ini_set("session.gc_probability",1);
// ini_set("session.gc_divisor",1);
//}
</pre>
The timeout will still be checked with the 'time' parameter registered in the session.
----------------------------------------
Bug #863: Password Token Expiring
http://tools.lsc-project.org/issues/863
Author: Jeff G
Status: New
Priority: High
Assigned to:
Category: Self Service Password
Target version: self-service-password-?
It seems the password tokens expire when a new one is requested, even for completely different people. If I request a password reset token for client A, then 5 minutes later for client B, client A will no longer be able to reset their password using the token they were sent. Is this normal?
--
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-dev/attachments/20160523/be7c6650/attachment.htm>
More information about the ltb-dev
mailing list